Google is being told by the EU to rethink the way it gathers personal information, following nine months of investigation into the way they collect it – and despite their maintaining that their policy complies with EU law.

The catchily-named “Article 29 Working Party”, made up of representatives from member EU states, hasn’t yet gone as far as implying that Google’s data gathering is illegal but *has* suggested that the company must put in 12 measures to satisfy concerns. The letter to Google is understood to have begun “Combining personal data on such a large scale creates high risks to the privacy of users”. The letter is said to go on to request Google modifies its data gathering practices. Google are reported to be looking closely into this recommendation, although the findings were not as serious as some industry watchers have predicted.

Google, like many other companies, has a clear conflict of interest in data gathering. Whilst wanting to provide users a good service, they are also being paid for advertising – a privacy issue many service providers also face. Many privacy campaigners have expressed concerns over the levels of data that companies like Google collect on their users – so this news may well placate them. The news will also focus people’s attentions on platforms such as Facebook, who also collect a massive amount of data on their users.

The big question for users is: Are we careful enough online? Although we now live in a socially connected world, with the ability to be online any time of the day, there is an unwritten line that users seem to expect companies not to cross when it comes to our personal information. As everybody’s opinion on WHERE that line lies is different, it will ultimately fall to users themselves to determine whether the companies they use are treading that line – or crossing it. As most people now know, if you aren’t paying for a service, chances are YOU are their payment model – so it’s down to you to make the call.